diff --git a/.envrc b/.envrc new file mode 100644 index 00000000..3550a30f --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore index 50918e65..cf869102 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *.tf.json /tags.* +.direnv \ No newline at end of file diff --git a/flake.lock b/flake.lock index 57f82db7..6b58f333 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,31 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": [ + "nix-darwin" + ], + "home-manager": [ + "home-manager" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696775529, + "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=", + "owner": "ryantm", + "repo": "agenix", + "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "bats-assert": { "flake": false, "locked": { @@ -35,7 +61,9 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs", + "nixpkgs": [ + "nixpkgs" + ], "utils": "utils" }, "locked": { @@ -73,11 +101,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1688466019, - "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", "type": "github" }, "original": { @@ -108,11 +136,11 @@ ] }, "locked": { - "lastModified": 1690652600, - "narHash": "sha256-Dy09g7mezToVwtFPyY25fAx1hzqNXv73/QmY5/qyR44=", + "lastModified": 1698479159, + "narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=", "owner": "nix-community", "repo": "home-manager", - "rev": "f58889c07efa8e1328fdf93dc1796ec2a5c47f38", + "rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4", "type": "github" }, "original": { @@ -128,11 +156,11 @@ ] }, "locked": { - "lastModified": 1690431538, - "narHash": "sha256-Uml8ivMMOFPB9fNSDcw72imGHRdJpaK12sRm2DTLLe8=", + "lastModified": 1698429334, + "narHash": "sha256-Gq3+QabboczSu7RMpcy79RSLMSqnySO3wsnHQk4DfbE=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "16c07487ac9bc59f58b121d13160c67befa3342e", + "rev": "afe83cbc2e673b1f08d32dd0f70df599678ff1e7", "type": "github" }, "original": { @@ -144,11 +172,11 @@ }, "nixos-flake": { "locked": { - "lastModified": 1690424850, - "narHash": "sha256-pPELqUXbNdZ7nMLPL8A+BSyUsxjxMO3q2Wb7plW/Wf8=", + "lastModified": 1692742948, + "narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=", "owner": "srid", "repo": "nixos-flake", - "rev": "df6fe273ff64dc29de2c93805045b5348d70bc26", + "rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431", "type": "github" }, "original": { @@ -159,16 +187,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1671417167, - "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=", - "owner": "NixOS", + "lastModified": 1698318101, + "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7", + "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -176,11 +204,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1688049487, - "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", + "lastModified": 1696019113, + "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", + "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a", "type": "github" }, "original": { @@ -191,45 +219,15 @@ "type": "github" } }, - "nixpkgs_2": { - "locked": { - "lastModified": 1690548937, - "narHash": "sha256-x3ZOPGLvtC0/+iFAg9Kvqm/8hTAIkGjc634SqtgaXTA=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "2a9d660ff0f7ffde9d73be328ee6e6f10ef66b28", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1636823747, - "narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "f6a2ed2082d9a51668c86ba27d0b5496f7a2ea93", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "type": "github" - } - }, "root": { "inputs": { + "agenix": "agenix", "deploy-rs": "deploy-rs", "flake-parts": "flake-parts", "home-manager": "home-manager", "nix-darwin": "nix-darwin", "nixos-flake": "nixos-flake", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "terranix": "terranix" } }, @@ -238,15 +236,17 @@ "bats-assert": "bats-assert", "bats-support": "bats-support", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": [ + "nixpkgs" + ], "terranix-examples": "terranix-examples" }, "locked": { - "lastModified": 1684906298, - "narHash": "sha256-pNuJxmVMGbBHw7pa+Bx0HY0orXIXoyyAXOKuQ1zpfus=", + "lastModified": 1695406838, + "narHash": "sha256-xiUfVD6rtsVWFotVtUW3Q1nQh4obKzgvpN1wqZuGXvM=", "owner": "terranix", "repo": "terranix", - "rev": "c0dd15076856c6cb425795b8c7d5d37d3a1e922a", + "rev": "fc9077ca02ab5681935dbf0ecd725c4d889b9275", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ac242f89..6c561ac3 100644 --- a/flake.nix +++ b/flake.nix @@ -1,9 +1,11 @@ { inputs = { - # Principle inputs (updated by `nix run .#update`) + # Track channels with commits tested and built by hydra nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nix-darwin.url = "github:lnl7/nix-darwin/master"; nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; + home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; @@ -11,8 +13,15 @@ nixos-flake.url = "github:srid/nixos-flake"; terranix.url = "github:terranix/terranix"; + terranix.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.url = "github:serokell/deploy-rs"; + deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; + + agenix.url = "github:ryantm/agenix"; + agenix.inputs.nixpkgs.follows = "nixpkgs"; + agenix.inputs.darwin.follows = "nix-darwin"; + agenix.inputs.home-manager.follows = "home-manager"; }; outputs = inputs@{ self, terranix, ... }: @@ -26,7 +35,35 @@ ./lib ]; - perSystem = { config, ... }: { }; + perSystem = { system, pkgs, config, ... }: { + _module.args = { + inherit inputs; + pkgs = import inputs.nixpkgs { + inherit system; + overlays = [ + inputs.agenix.overlays.default + ]; + }; + unstable = import inputs.unstable { inherit system; }; + master = import inputs.master { inherit system; }; + }; + devShells.default = pkgs.mkShell { + buildInputs = with pkgs; [ + deploy-rs + nixpkgs-fmt + agenix + cachix + editorconfig-checker + nix + nodePackages.prettier + nvfetcher + shellcheck + shfmt + treefmt + nixos-generators + ]; + }; + }; flake = let @@ -41,6 +78,7 @@ self.pub-solar.lib.linux.unlockZFSOnBoot self.nixosModules.home-manager self.nixosModules.linux + inputs.agenix.nixosModules.default { home-manager.users.${username} = { imports = [